CVE-2009-0673

CVE-2009-0673 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php.

Learn more about our Web App Pen Testing.